The Saga Layer 1 blockchain has halted its EVM network following a hack in which attackers stole USDC worth $7 million.
SagaEVM has been paused at block height 6593800 in response to a confirmed exploit on the SagaEVM chainlet.
Mitigation is underway, and the team is fully focused on a solution.
Further updates will follow once details are confirmed.
— Saga ⛋ (@Sagaxyz__) January 21, 2026
The hackers transferred the funds via a cross-chain bridge and converted them into Ethereum. The team has already identified the hacker’s wallet.
“The attack was a coordinated sequence of actions: deploying smart contracts, conducting cross-network operations, and subsequently withdrawing liquidity,” the project’s blog stated.
Consequences
The incident affected only SagaEVM and two of the platform’s stablecoins—Colt and Mustang. Both “stablecoins” lost their peg to the dollar.
Another dollar-pegged asset of the project, tickered D, also experienced a depeg, dropping to $0.7.
In the wake of the hack, the price of the SAGA coin fell by 5.2% to $0.05.
The main Saga SSC network, its consensus mechanism, and validators remain secure.
The project team is collaborating with exchanges and bridge operators to recover the stolen funds. SagaEVM will resume operations once developers complete their investigation of the incident.
Possible Causes
Cybersecurity expert Vladimir S. suggested that the attacker exploited a vulnerability in the Saga Dollar smart contract.
Saga EVM has been exploited for $7 million!
An attacker minted D tokens (Saga Dollar) out of thin air with a helper contract that abused IBC mechanisms with custom messages.
Exploit Contract: https://t.co/Mv95cI2Ixf
Attacker: https://t.co/OCLoWB30LBhttps://t.co/MeyFZqcNhr… pic.twitter.com/3ekVOkaRhY— Vladimir S. | Officer’s Notes (@officer_secret) January 21, 2026
“By creating custom messages or data, the contract bypassed checks in the bridge precompile logic, allowing unlimited issuance of D tokens without any backing,” he explained.
A blockchain analyst known as Specter suggested that the attack resulted from a compromised private key.
This week, the DeFi protocol Makina Finance was also hacked, with approximately $5 million withdrawn from one of its stablecoin pools.
In 2025, the volume of stolen funds reached $3.4 billion, the highest since 2022. Three incidents, including the $1.46 billion Bybit hack, accounted for 69% of all losses.
Immunefi CEO Mitchell Amador concluded that nearly 80% of cryptocurrency projects cease to exist after major attacks.